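<?php
	/*
	 * Doctor save endpoint.
	 *
	 * Reads the doctor fields from $_POST and either inserts a new row into
	 * `doctor` (doctorNo is 0, or no row with that doctor_no exists yet) or
	 * updates the existing row, then echoes a JSON status document.
	 *
	 * Request fields: doctorNo, doctorFirstName, doctorSurname, doctorTitle,
	 * doctorKnownAs, doctorAddress, doctorTelephone, clinicNo,
	 * isInCirculateList, portraitHidden.
	 */

	// NOTE(review): the only access check in this file is the presence of a
	// client-supplied "username" cookie; nothing visible here ties it to a
	// server-side session, and no anti-CSRF token is checked before the write.
	// Confirm how login.php issues this cookie, and prefer $_SESSION-backed auth.
	if( !isset($_COOKIE["username"]) ){
		header("Location:login.php");
		// header() only queues the redirect. Without exit the rest of the script
		// would still run, and write to the database, for a visitor with no cookie.
		exit;
	}
	// Sliding 15-minute expiry, as before.
	setcookie("username", $_COOKIE["username"], time() + 900);

	include_once 'json_function.php';
	$ini_array = parse_ini_file("config/config.ini");

	// This script checks return values, so keep mysqli in "return false" mode
	// even on PHP versions whose default is to throw mysqli_sql_exception.
	mysqli_report(MYSQLI_REPORT_OFF);

	// "@" keeps connection warnings, which can include host and user, out of the response.
	$conn = @mysqli_connect($ini_array["host"], $ini_array["username"], $ini_array["password"], $ini_array["db_name"]) or die("cann't connect the mysql db");
	mysqli_set_charset($conn, "utf8");
	ini_set('default_charset', "UTF-8");

	// Fetch one POST field as a string; absent or non-string values become "".
	$readField = function( $name ){
		return ( isset($_POST[$name]) && is_string($_POST[$name]) ) ? $_POST[$name] : "";
	};

	$doctorFirstName = $readField("doctorFirstName");
	$doctorSurname = $readField("doctorSurname");
	$doctorTitle = $readField("doctorTitle");
	$doctorKnownAS = $readField("doctorKnownAs");
	$doctorAddress = $readField("doctorAddress");
	$doctorTelephone = $readField("doctorTelephone");
	$doctorPortrait = $readField("portraitHidden");

	// The three numeric fields used to be concatenated into the SQL text without
	// quotes, where mysqli_real_escape_string() gives no protection. They are
	// validated as integers here and bound as parameters below.

	// An absent or empty doctorNo is treated as 0, i.e. "create a new doctor".
	$doctorNoRaw = trim($readField("doctorNo"));
	$doctorNo = ( $doctorNoRaw === "" ) ? 0 : filter_var($doctorNoRaw, FILTER_VALIDATE_INT);

	// no clinic specified: the literal "null" is accepted and stored as SQL NULL
	$clinicNoRaw = trim($readField("clinicNo"));
	$clinicNo = ( strcasecmp($clinicNoRaw, "null") === 0 ) ? null : filter_var($clinicNoRaw, FILTER_VALIDATE_INT);

	// Accept the SQL boolean literals as well as plain integers.
	$circulateRaw = strtolower(trim($readField("isInCirculateList")));
	if( $circulateRaw === "true" ){
		$isInCirculateList = 1;
	}else if( $circulateRaw === "false" ){
		$isInCirculateList = 0;
	}else{
		$isInCirculateList = filter_var($circulateRaw, FILTER_VALIDATE_INT);
	}

	if( $doctorNo === false || $clinicNo === false || $isInCirculateList === false ){
		echo JsonCharFilter("{\"data\":{\"status\":\"fail\", \"msg\":\"Invalid doctor data\"}}");
		exit;
	}

	$operateType = "";
	$stmt = false;

	if( $doctorNo === 0 ){
		// New doctor: doctor_no is left to the database.
		$operateType = "Add";
		$stmt = mysqli_prepare($conn, "insert into doctor(doctor_first_name, doctor_surname, doctor_title, known_as, doctor_address, doctor_telephone_no, inCirculateList, portrait_file, clinic_no)
				values(?, ?, ?, ?, ?, ?, ?, ?, ?)");
		if( $stmt ){
			mysqli_stmt_bind_param($stmt, "ssssssisi", $doctorFirstName, $doctorSurname, $doctorTitle, $doctorKnownAS, $doctorAddress, $doctorTelephone, $isInCirculateList, $doctorPortrait, $clinicNo);
		}
	}else{
		// Explicit doctor_no: update when the row exists, otherwise insert it with
		// that number. If the lookup itself fails the row is assumed to exist,
		// which is what the original default did.
		$isExist = true;
		$check = mysqli_prepare($conn, "select count(doctor_no) from doctor where doctor_no=?");
		if( $check ){
			mysqli_stmt_bind_param($check, "i", $doctorNo);
			if( mysqli_stmt_execute($check) ){
				mysqli_stmt_bind_result($check, $count);
				if( mysqli_stmt_fetch($check) ){
					$isExist = ( $count != 0 );
				}
			}
			mysqli_stmt_close($check);
		}

		if( $isExist == false ){
			$operateType = "Add";
			$stmt = mysqli_prepare($conn, "insert into doctor(doctor_no, doctor_first_name, doctor_surname, doctor_title, known_as, doctor_address, doctor_telephone_no, inCirculateList, portrait_file, clinic_no)
				values(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
			if( $stmt ){
				mysqli_stmt_bind_param($stmt, "issssssisi", $doctorNo, $doctorFirstName, $doctorSurname, $doctorTitle, $doctorKnownAS, $doctorAddress, $doctorTelephone, $isInCirculateList, $doctorPortrait, $clinicNo);
			}
		}else{
			$operateType = "Update";
			$stmt = mysqli_prepare($conn, "update doctor set doctor_first_name=?, doctor_surname=?, doctor_title=?, known_as=?, doctor_telephone_no=?, inCirculateList=?, portrait_file=?, doctor_address=?, clinic_no=? where Doctor_no=?");
			if( $stmt ){
				mysqli_stmt_bind_param($stmt, "sssssissii", $doctorFirstName, $doctorSurname, $doctorTitle, $doctorKnownAS, $doctorTelephone, $isInCirculateList, $doctorPortrait, $doctorAddress, $clinicNo, $doctorNo);
			}
		}
	}

	$result = $stmt && mysqli_stmt_execute($stmt);

	if( $result ){
		if( $doctorNo === 0 ){
			// Same value "select last_insert_id()" returned, without a second query.
			$doctorNo = mysqli_insert_id($conn);
		}
		// replaceQuoteAndSlash() comes from json_function.php and was always handed
		// the SQL-escaped form of the names; it still is, so the response text
		// does not change now that the queries bind the raw values.
		$data = "{\"data\":{\"status\":\"success\", \"doctorNo\":\"".$doctorNo."\",\"doctorFirstName\":\"".replaceQuoteAndSlash(mysqli_real_escape_string($conn, $doctorFirstName))."\",\"doctorSurname\":\"".replaceQuoteAndSlash(mysqli_real_escape_string($conn, $doctorSurname))."\", \"msg\":\"".$operateType." doctor ".$doctorNo." success!!!\"}}";
		echo JsonCharFilter($data);
	}else{
		// The driver's error text names tables and columns and may contain quotes
		// that break the hand-built JSON: log it server-side, return only a generic message.
		$dbError = $stmt ? mysqli_stmt_error($stmt) : mysqli_error($conn);
		error_log("doctor save (".$operateType.") failed: ".$dbError);
		$data = "{\"data\":{\"status\":\"fail\", \"msg\":\"".$operateType." fail!!!\"}}";
		echo JsonCharFilter($data);
	}

	if( $stmt ){
		mysqli_stmt_close($stmt);
	}

?>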